The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
What is OPA
Recipe I have cooked so far robust automation and deployments.
Policy Module: Policy enforcement for your Kubernetes Cluster
koans for OPA
Kubernetes security-aware scheduling of workloads
Enterprise OPA is a distribution of Open Policy Agent with enterprise-grade features to get OPA into production quickly, easily, and inexpensively.
Multi-cloud Policy-as-Code lab: Kubernetes OPA Gatekeeper, Azure Policy (Bicep), AWS SCPs, CI/CD with GitHub Actions, Security & Compliance Automation.
A hands-on, step-by-step lab to provision, secure, and govern Kubernetes clusters using Infrastructure as Code. Includes RBAC, NetworkPolicy, Admission Controllers, GitOps (ArgoCD) and Policy as Code (OPA Gatekeeper) with real-world scenarios and documentation.
OPA rules for the Please build system
Run conftest test command with GitHub Actions
Ultra fast and slim kubernetes playground.
Run opa test command with GitHub Actions
GitOps template with K3d, ArgoCD, ELK stack and Open Policy Agent
A set of curated exercises to help you prepare for the CKS exam
OPA Test Runner: Apply policies to arbitrary json or yaml data using OPA and Rego.
Annotated OPA sidecar configuration